In the Claims: 

Please amend Claims 57, 63, 72, 81 , 91 , 93 and 95, all as shown below. Applicant reserves 
the right to prosecute any originally presented claims in a future or continuing application. 

1 -56. (Previously Canceled). 

57. (Currently Amended) A system for maintaining security in a distributed computing 
environment, comprising: 

a policy manager located on a server for manag i ng creating a local security policy and for 
distributing the local security policy to a client wherein the local security policy includes a plurality 
of rules custom i zab le customized to the client; and 

an application guard located at the client for managing access to securable components at 
a client level as specified by the local security policy, the securable components including at least 
one application; 

wherein the policy manager receives a global security policy that includes a plurality of rules 
for regulating access to securable components within the system and wherein the policy manager 
customizes the local security policy by selecting a subset of rules from the global security policy that 
is applicable to the application guard and distributes the subset to the application guard. 

58. (Previously Presented) The system of Claim 57 including a function within the application 
as specified by the security policy. 

59-62. (Previously Withdrawn). 

63. (Currently Amended) A method for maintaining security in a distributed computing 
environment, comprising: 

receiving a global security policy that includes a plurality of rules for regulating access to 
securable components in the system, the securable components including at least one application: 

manag i ng creating a local security policy via a policy manager located on a server, the local 
security policy including a plurality of rules custom i zab le customized to a client wherein creating the 
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local security policy includes customizing the local security policy by selecting a subset of rules 
from the global security policy that is applicable to an application guard located on the client: 
distributing the local security policy to the client; and 

managing access as specified by the local security policy via an the application guard 
located at the client to securable components i nc l ud i ng at le ast on e app li cat i on . 

64. (Previously Presented) The method of Claim 63 including a function within the application 
as specified by the security policy. 

65-68. (Previously Withdrawn). 

69-71 . (Previously Canceled). 

72. (Currently Amended) A method for maintaining security in a distributed computing 
environment, comprising the steps of: 

receiving a global security policy that includes a plurality of rules for regulating access to 
securable components in the system, the securable components including at least one application: 

providing a policy manager located on a server to manag e create a local security policy 
including a plurality of rules custom i zab le customized to a client wherein creating the local security 
policy includes customizing the local security policy by selecting a subset of rules from the global 
security policy that is applicable to an application guard located on the client : 

distributing the local security policy to the client; and 

providing an application guard located at the client to manage access to securable 
components at a client level as specified by the local security polic y, th e s e curab le compon e nts 
i nc l uding at le ast on e application . 

73. (Previously Presented) The method of Claim 72 including a function within the application 
as specified by the security policy. 

74-77. (Previously Withdrawn). 

78-80. (Previously Canceled). 
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81 . (Currently Amended) A computer readable storage medium having stored thereon a set of 
instructions to execute a method for maintaining security in a distributed computing environment 
comprising the steps of: 

receiving a global security policy that includes a plurality of rules for regulating access to 
securable components in the system, the securable components including at least one application; 

managing creating a local security policy via a policy manager located on a server, the local 
security policy including a plurality of rules custom i zab le customized to a client wherein creating the 
local security policy includes customizing the local security policy by selecting a subset of rules 
from the global security policy that is applicable to an application guard located on the client; 

distributing the local security policy to the client; and 

managing access as specified by the local security policy via an the application guard 
located at the client to securable components i nc l ud i ng at le ast on e app li cat i on . 

82. (Previously Presented) The computer readable storage medium of Claim 81 including a 
function within the application as specified by the security policy. 

83-86. (Previously Withdrawn). 

87-89. (Previously Canceled). 

90. (Previously Presented) The system of claim 57, wherein the application guard further allows 
for additional customized code to process and evaluate authorization requests based on the 
additional customized code. 

91 . (Currently Amended) The system of claim 90. furth e r compris i ng a wherein the global policy 
sp e c i fy i ng specifies access privileges of a user to securable components. 

92. (Previously Presented) The method of claim 72, wherein the application guard further allows 
for additional customized code to process and evaluate authorization requests based on the 
additional customized code. 
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93. (Currently Amended) The method of claim 92 , furth e r compr i s i ng th e st e p of prov i d i ng a 
wherein the global policy sp e c i fying specifies access privileges of a user to securable components. 



94. (Previously Presented) The computer readable storage medium of claim 81 , wherein the 
application guard further allows for additional customized code to process and evaluate 
authorization requests based on the additional customized code. 

95. (Currently Amended) The computer readable storage medium of claim 94, wherein the 
m e thod furth e r compr i s e s th e st e p of prov i ding a global policy sp e cify i ng specifies access privileges 
of a user to securable components. 
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